ID | 277198 |
Package Name | grafana |
Version | 9.2.10 |
Release | 13.fc40 |
Epoch | |
Source | git+https://src.fedoraproject.org/rpms/grafana.git#51103637cb8ed53f3c4a43f85febb76bc1eea7b3 |
Summary |
Description |
Built by | davidlt |
State |
complete
|
Volume |
DEFAULT |
Started | Sun, 17 Dec 2023 13:42:07 UTC |
Completed | Sun, 17 Dec 2023 17:10:16 UTC |
Task | build (f40, /rpms/grafana.git:51103637cb8ed53f3c4a43f85febb76bc1eea7b3) |
Extra | {'source': {'original_url': 'git+https://src.fedoraproject.org/rpms/grafana.git#51103637cb8ed53f3c4a43f85febb76bc1eea7b3'}} |
Tags |
|
RPMs |
src | |
|
grafana-9.2.10-13.fc40.src.rpm (info) (download) |
riscv64 |
|
grafana-9.2.10-13.fc40.riscv64.rpm (info) (download)
|
|
grafana-selinux-9.2.10-13.fc40.riscv64.rpm (info) (download)
|
|
grafana-debuginfo-9.2.10-13.fc40.riscv64.rpm (info) (download)
|
|
grafana-debugsource-9.2.10-13.fc40.riscv64.rpm (info) (download)
|
|
Logs |
|
Changelog |
* Fri Dec 15 2023 Sam Feifer <sfeifer@redhat.com> 9.2.10-13
- Fixes coredump issue introduced by selinux
- Patches out call to panic when trying to walk "/" directory
* Thu Nov 30 2023 Sam Feifer <sfeifer@redhat.com> - 9.2.10-12
- Fix another set of AVC denials found testing only on some architectures
* Mon Nov 20 2023 Sam Feifer <sfeifer@redhat.com> - 9.2.10-11
- Fix additional AVC denial found when testing on certain architectures
* Wed Nov 15 2023 Sam Feifer <sfeifer@redhat.com> - 9.2.10-10
- Fix additional AVC denial found when testing
* Wed Nov 15 2023 Sam Feifer <sfeifer@redhat.com> - 9.2.10-9
- Fix AVC denials found when testing
- Stop commented out gotest macro from expanding
* Thu Nov 09 2023 Sam Feifer <sfeifer@redhat.com> - 9.2.10-8
- Hide relabeling messages from selinux when installing/uninstalling
* Wed Nov 08 2023 Sam Feifer <sfeifer@redhat.com> - 9.2.10-7
- Include the selinux policy in the main package rather than a separate package
* Thu Oct 05 2023 Sam Feifer <sfeifer@redhat.com> - 9.2.10-6
- Added 0010-skip-tests
- Resolves problematic tests when building
* Thu Sep 28 2023 Sam Feifer <sfeifer@redhat.com> - 9.2.10-5
- Add SELinux policy for grafana
* Sat Jul 22 2023 Carl George <carl@redhat.com> - 9.2.10-4
- resolve CVE-2023-3128 grafana: Remove Email Lookup from oauth integrations
* Thu Jul 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 9.2.10-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Thu May 18 2023 Stan Cox <scox@redhat.com> 9.2.10-2
- Update to 9.2.10
* Mon May 15 2023 Stan Cox <scox@redhat.com> 9.2.10-1
- Update to 9.2.10
* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 9.0.9-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Wed Sep 21 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 9.0.9-1
- update to 9.0.9 tagged upstream community sources, see CHANGELOG
- resolve CVE-2022-35957 grafana: Escalation from admin to server admin when auth proxy is used (rhbz#2128565)
* Thu Sep 15 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 9.0.8-1
- update to 9.0.8 tagged upstream community sources, see CHANGELOG
- do not list /usr/share/grafana/conf twice
- drop makefile in favor of create_bundles.sh script
- sync provides/obsoletes with CentOS versions
- drop husky patch
* Wed Jul 27 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 9.0.5-1
- update to 9.0.5 tagged upstream community sources, see CHANGELOG (rhbz#2107413)
- run integration tests in check phase
- remove conditional around go-rpm-macros
- resolve CVE-2022-31107 grafana: OAuth account takeover (rhbz#2107435)
- resolve CVE-2022-31097 grafana: stored XSS vulnerability (rhbz#2107436)
* Thu Jul 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 9.0.2-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Thu Jul 14 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 9.0.2-3
- fix quoting in grafana-cli wrapper script (rhbz#2107046)
* Wed Jul 13 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 9.0.2-2
- use systemd-sysusers to create the Grafana user and group
* Thu Jul 07 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 9.0.2-1
- update to 9.0.2 tagged upstream community sources, see CHANGELOG
* Wed Jun 29 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 8.5.6-1
- update to 8.5.6 tagged upstream community sources, see CHANGELOG
- updated license to AGPLv3
- place commented sample config file in /etc/grafana/grafana.ini
- enable Go modules in build process
- adapt Node.js bundling to yarn v3 and Zero Install feature
* Sun Jun 19 2022 Robert-André Mauchin <zebob.m@gmail.com> - 7.5.15-3
- Rebuilt for CVE-2022-1996, CVE-2022-24675, CVE-2022-28327, CVE-2022-27191,
CVE-2022-29526, CVE-2022-30629
* Mon Apr 11 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 7.5.15-2
- use clamp-mtime when generating the vendor and webpack tarballs,
to preserve past timestamps but still keep reproducibility
- round tarball mtime timestamp to midnight, to match SOURCE_DATE_EPOCH
* Fri Apr 08 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 7.5.15-1
- update to 7.5.15 tagged upstream community sources, see CHANGELOG
- resolve CVE-2022-21673 grafana: Forward OAuth Identity Token can allow users to access some data sources
- resolve CVE-2022-21702 grafana: XSS vulnerability in data source handling
- resolve CVE-2022-21703 grafana: CSRF vulnerability can lead to privilege escalation
- resolve CVE-2022-21713 grafana: IDOR vulnerability can lead to information disclosure
- resolve CVE-2021-23648 sanitize-url: XSS
- resolve CVE-2022-21698 prometheus/client_golang: Denial of service using InstrumentHandlerCounter
- declare Node.js dependencies of subpackages
- make vendor and webpack tarballs reproducible
* Fri Jan 28 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 7.5.13-1
- update to 7.5.13 tagged upstream community sources, see CHANGELOG
- support Go 1.18
* Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 7.5.11-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Tue Jan 18 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 7.5.11-3
- use HMAC-SHA-256 instead of SHA-1 to generate password reset tokens
- update FIPS tests in check phase
* Thu Dec 16 2021 Andreas Gerstmayr <agerstmayr@redhat.com> 7.5.11-2
- resolve CVE-2021-44716 golang: net/http: limit growth of header canonicalization cache
- resolve CVE-2021-43813 grafana: directory traversal vulnerability for *.md files
|